...

Source file src/edge-infra.dev/pkg/edge/webhooks/edge-injector/couchdbuser_webhook.go

Documentation: edge-infra.dev/pkg/edge/webhooks/edge-injector

     1  package edgeinjector
     2  
     3  import (
     4  	"context"
     5  	"fmt"
     6  
     7  	"k8s.io/apimachinery/pkg/runtime"
     8  
     9  	"edge-infra.dev/pkg/edge/datasync/couchdb"
    10  	"edge-infra.dev/pkg/lib/fog"
    11  
    12  	corev1 "k8s.io/api/core/v1"
    13  
    14  	"sigs.k8s.io/controller-runtime/pkg/client"
    15  )
    16  
    17  var (
    18  	allowedRoles = []string{couchdb.ReadOnlyUser, couchdb.CreateViewUser}
    19  )
    20  
    21  type CouchUserField string
    22  
    23  const (
    24  	Username = CouchUserField("COUCHDB_USER")
    25  	Password = CouchUserField("COUCHDB_PASSWORD")
    26  	URI      = CouchUserField("COUCHDB_URI")
    27  )
    28  
    29  type CouchUserWebhook struct {
    30  	client.Client
    31  }
    32  
    33  func (c *CouchUserWebhook) Default(ctx context.Context, obj runtime.Object) error {
    34  	log := fog.FromContext(ctx).WithValues("name", "CouchDBUserWebhook")
    35  
    36  	pod, ok := obj.(*corev1.Pod)
    37  	if !ok {
    38  		err := fmt.Errorf("expected a Pod but got a %T", obj)
    39  		log.Error(err, "not a pod")
    40  		return err
    41  	}
    42  
    43  	log = log.WithValues("pod", client.ObjectKeyFromObject(pod))
    44  
    45  	if SecretLabelValue(pod, CouchDBSecret) != "" {
    46  		log.Info("pod couch secret label found")
    47  		return nil
    48  	}
    49  
    50  	ctx = fog.IntoContext(ctx, log)
    51  	InjectSecret(ctx, pod, CouchDBSecret, map[string]string{
    52  		string(Username): couchdb.SecretUsername,
    53  		string(Password): couchdb.SecretPassword,
    54  		string(URI):      couchdb.SecretURI,
    55  	})
    56  
    57  	log.Info("successfully injected couchdb user secret environment variables")
    58  	return nil
    59  }
    60  

View as plain text